berlin.de privacy policy — score 80/100 (low risk)

Last analyzed

This report is more than 28 days old. It shows the last saved analysis for this policy — refresh to re-fetch the live page and update the score.

Der Regierende Bürgermeister von Berlin – Senatskanzlei · berlin.de

Report details

low risk

The Berlin Senate Chancellery's privacy policy is generally strong, using two-click consent for third-party media and anonymizing IPs, though it relies on standard contractual clauses for some sub-processors outside the EEA and lacks clarity on AI training.

The privacy policy of the Berlin Senate Chancellery (Senatskanzlei) demonstrates a high standard of GDPR compliance typical of German public authorities. It employs robust privacy-protective measures such as two-click solutions for YouTube, Google Maps, and Vimeo, ensuring no data is transmitted without explicit consent. IP addresses are truncated before processing for analytics (Mapp Intelligence), and analytics data is stored exclusively in Germany. However, there are notable gaps: video provider movingimage and chart tool Datawrapper use sub-processors in third countries relying solely on Standard Contractual Clauses (SCCs), and the retention period for contact form data is vaguely defined. Additionally, the policy is entirely silent on whether any integrated services use data for AI model training.

Last analyzed
SourceURL
Length61,230 chars

Category Assessment

Breakdown of the policy across key compliance areas. Good = strong, fair = mixed, poor = concerning.

Data Minimizationgood

IP addresses are truncated/anonymized before processing for analytics and translation, and forms only request necessary data.

Transparencygood

The policy is highly structured, detailing specific legal bases, purposes, and retention periods for each distinct processing activity.

Third-party Sharingfair

While two-click solutions prevent passive tracking, data is shared with several US tech companies (Google, Vimeo) and sub-processors upon consent.

International Transfersfair

Analytics data is kept in Germany, but movingimage and Datawrapper explicitly use sub-processors in third countries under SCCs.

AI/Model Trainingfair

The policy is entirely silent on whether integrated services (like translation or analytics) use processed data for training their own AI models.

User Rightsgood

All standard GDPR rights are clearly listed with contact details for the Data Protection Officer and the supervisory authority.

Key Findings

Notable clauses, issues, or positive practices discovered (critical first)

Warning

Third-Country Transfers via Sub-processors

movingimage and Datawrapper use sub-processors (CDNs) in third countries, relying on Standard Contractual Clauses (SCCs) without mentioning supplementary technical measures, which may be insufficient post-Schrems II.

Warning

Ambiguous Retention for Contact Forms

While browser data is deleted after 14 days, contact form data is kept until the 'conversation is concluded,' which is subjective and lacks a hard maximum retention period.

Info

Strong Two-Click Implementation for Media

Google Maps, YouTube, and Vimeo are implemented with preview images and require active consent ('Akzeptieren und Anzeigen') before connecting to external servers, preventing passive data leakage to US tech companies.

Info

IP Anonymization and Local Storage for Analytics

Mapp Intelligence truncates IP addresses before processing and stores data exclusively in Germany, mitigating cross-border transfer risks for analytics data.

Info

Silence on AI/Model Training

The policy does not disclose whether any integrated third-party services (such as Conword for translation or Mapp for analytics) use the processed data for their own AI or machine learning model training.

Consumer Takeaway

Your data is generally well-protected on this government site, especially since videos and maps only load if you click to accept them, but be aware that some underlying tools might send data to servers outside the EU.

Compliance Posture

The controller demonstrates a strong compliance posture, leveraging specific legal bases (Art. 6(1)(e) and (f)) for public task operations and implementing data protection by design (e.g., IP anonymization, two-click integrations). The main weaknesses are the reliance on SCCs without mentioning supplementary measures for third-country transfers, and ambiguous retention timelines for correspondence.

EU Transfers

Data transfers to third countries occur via movingimage and Datawrapper sub-processors (CDNs), relying on Standard Contractual Clauses. Google and Vimeo are US-based but are activated only after user consent. Analytics data is explicitly kept within Germany.

Detected Signals

Specific data points and practices identified in the text

Data Collected
Browser type and versionOperating systemReferrer URLIP addressDate and time of accessEmail addressFirst and last namePhysical addressSearch termsEvent attendance statusPhotos and videos of attendees
Processing Purposes
Website functionality and securityWeb analytics (anonymized)Automated translationProcessing contact inquiriesEvent registration and managementNewsletter delivery
Third-party Sharing
Data shared with BerlinOnline GmbH for web operationsData shared with Mapp Intelligence for analyticsData shared with Google (Maps, YouTube) upon consentData shared with Vimeo upon consentData shared with movingimage upon consentData shared with Datawrapper for visualizationsData shared with Amazon (EU servers) for newsletter delivery
International Transfers
Mapp Digital US belongs to the corporate group but data is stored exclusively in Germanymovingimage uses sub-processors in third countries (CDN) under SCCsDatawrapper uses sub-processors in third countries (CDN) under SCCsGoogle and Vimeo are US-based but require user consent via two-click
AI / Model Training
No mention of AI or machine learning model training in the policy

Evidence Snippets

Direct quotes from the policy supporting these findings

Die Google Maps Karten sind mit einem Vorschaubild versehen, um zu vermeiden, dass bereits bei Betreten der Seite Daten an Google übermittelt werden.

Die IP-Adresse wird vor jeglicher Verarbeitung gekürzt und in anonymisierter Form zur Session-Erkennung und für die Geolokalisierung (bis auf Stadt-Ebene) verwendet.

movingimage setzt Unterauftragsverarbeiter in Drittstaaten ein. Insbesondere handelt es sich hierbei um den Betreiber des Content Delivery Networks (CDN).

Beendet ist die Konversation dann, wenn sich aus den Umständen entnehmen lässt, dass der betroffene Sachverhalt abschließend geklärt ist.

Missing or Unclear

  • No mention of supplementary technical measures for third-country transfers alongside SCCs
  • No explicit hard deadline for deleting contact form data
  • No disclosure regarding AI model training by third-party processors

Questions to Ask

  • What specific technical and organizational measures ensure that Mapp Digital US cannot access the analytics data stored exclusively in Germany?
  • Which specific third countries do the movingimage and Datawrapper sub-processors (CDNs) operate in, and have supplementary measures been implemented alongside SCCs?
  • How is the conclusion of a 'conversation' via the contact form objectively determined to trigger deletion, and is there a maximum timeout?
  • Do any of the integrated third-party services (like Conword or Mapp Intelligence) use the processed data for training their own AI or machine learning models?
This analysis is generated by AI and is not legal advice. Always consult a qualified legal professional for compliance decisions.

Share this analysis

Anyone with this link can view the result above.

Built by DentroChat

100% European AI chat for everyone

Chat with AI, work with files, generate images, and search the web. Data stays in Europe.

EU-hosted infrastructureText, files, images & web searchFast, Thinking & Creative modesPrivacy-first by defaultNo data leaves Europe
Try free →